{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T03:42:36.893","vulnerabilities":[{"cve":{"id":"CVE-2020-7457","sourceIdentifier":"secteam@freebsd.org","published":"2020-07-09T14:15:10.917","lastModified":"2024-11-21T05:37:10.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory after being freed, possibly resulting in code execution."},{"lang":"es","value":"En FreeBSD versiones 12.1-ESTABLE anteriores a r359565, versiones 12.1-RELEASE anteriores a p7, versiones 11.4-ESTABLE anteriores a r362975, versiones 11.4-RELEASE anteriores a p1 y 11.3-RELEASE anteriores a p11, una falta de sincronización en el manejador del conjunto de opciones del socket IPV6_2292PKTOPTIONS contenía una condición de carrera que permitía una aplicación maliciosa para modificar la memoria después de ser liberada, resultando posiblemente en una ejecución de código"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-416"},{"lang":"en","value":"CWE-662"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*","matchCriteriaId":"F35957CE-AF9F-40CA-BDD1-FA6A0E73783F"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*","matchCriteriaId":"EA929713-B797-494A-853D-C121D9D69519"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p10:*:*:*:*:*:*","matchCriteriaId":"B87AF171-95AC-4DDA-8D94-694F85638B46"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*","matchCriteriaId":"3C3D8EDC-91D3-45B2-AC1D-EF4346D4A714"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*","matchCriteriaId":"EA5006FF-06A5-4D95-BF5B-29F26248D11F"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p4:*:*:*:*:*:*","matchCriteriaId":"A705031B-FD63-4076-B92E-E826E11D7111"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p5:*:*:*:*:*:*","matchCriteriaId":"11C1EFB1-68E5-45F4-A7E1-744574F290D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p6:*:*:*:*:*:*","matchCriteriaId":"25F649A7-9265-4552-8934-BCE083363982"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p7:*:*:*:*:*:*","matchCriteriaId":"F202C856-5B95-4796-AC4A-1F210E7BAB8F"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p8:*:*:*:*:*:*","matchCriteriaId":"9419C866-C478-4CDE-A9A1-E592D8FF0933"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.3:p9:*:*:*:*:*:*","matchCriteriaId":"2B6DFC23-A7A1-431A-9AD9-A820579F95F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*","matchCriteriaId":"4A865EA1-01D7-4E5A-9D13-80780F8A9D7A"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:*","matchCriteriaId":"B80FBD1B-D03E-4408-9150-2F86FAF7F1D7"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.4:rc2:*:*:*:*:*:*","matchCriteriaId":"0D427061-B399-47BA-865D-9FAB315210CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*","matchCriteriaId":"BD730B6A-F123-4685-ACB3-4F20AAAB77F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:*","matchCriteriaId":"508150E3-2C0C-4EEB-BFC9-BB5CEB404C06"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:*","matchCriteriaId":"B5D692EF-A5D7-430E-91BA-4CD137343B66"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:*","matchCriteriaId":"D50C60A7-4C9F-4636-92E9-9F5B8B01BE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:*","matchCriteriaId":"6C49F6C7-A740-42F4-93BB-512CBF334516"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:p5:*:*:*:*:*:*","matchCriteriaId":"402740C4-5B55-423F-BAD2-F742E1E21ADC"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.1:p6:*:*:*:*:*:*","matchCriteriaId":"9DCAA10A-C612-45E0-84B7-55897F49D65E"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/158695/FreeBSD-ip6_setpktopt-Use-After-Free-Privilege-Escalation.html","source":"secteam@freebsd.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:20.ipv6.asc","source":"secteam@freebsd.org","tags":["Patch","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20200724-0002/","source":"secteam@freebsd.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/158695/FreeBSD-ip6_setpktopt-Use-After-Free-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:20.ipv6.asc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20200724-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}